autohost
Advanced tools
Comparing version 1.2.0 to 2.0.0-dependency-updates.0
@@ -1,28 +0,31 @@ | ||
| var crypt = require( 'bcrypt' ), | ||
| when = require( 'when' ), | ||
| passport = require( 'passport' ), | ||
| Basic = require( 'passport-http' ).BasicStrategy, | ||
| Bearer = require( 'passport-http-bearer' ).Strategy, | ||
| _ = require( 'lodash' ), | ||
| actions = require( './actions.js' ), // storage abstraction for actions | ||
| roles = require( './roles.js' ), // storage abstraction for roles | ||
| users = require( './users.js' ), // storage abstraction for users | ||
| basicAuth, | ||
| /* eslint-disable no-magic-numbers */ | ||
| "use strict"; | ||
| const crypt = require( "bcrypt" ); | ||
| const when = require( "when" ); | ||
| const Basic = require( "passport-http" ).BasicStrategy; | ||
| const Bearer = require( "passport-http-bearer" ).Strategy; | ||
| const _ = require( "lodash" ); | ||
| const actions = require( "./actions.js" ); // storage abstraction for actions | ||
| const roles = require( "./roles.js" ); // storage abstraction for roles | ||
| const users = require( "./users.js" ); // storage abstraction for users | ||
| let basicAuth, | ||
| bearerAuth, | ||
| useSession; | ||
| var wrapper = { | ||
| authenticate: authenticate, | ||
| const wrapper = { | ||
| authenticate, | ||
| changeActionRoles: actions.changeRoles, | ||
| changePassword: changePassword, | ||
| changePassword, | ||
| changeUserRoles: users.changeRoles, | ||
| checkPermission: checkPermission, | ||
| checkPermission, | ||
| createRole: roles.create, | ||
| createUser: createUser, | ||
| createUser, | ||
| createToken: users.createToken, | ||
| deleteAction: actions[ 'delete' ], | ||
| deleteRole: roles[ 'delete' ], | ||
| deleteUser: users[ 'delete' ], | ||
| deleteAction: actions.delete, | ||
| deleteRole: roles.delete, | ||
| deleteUser: users.delete, | ||
| destroyToken: users.destroyToken, | ||
| deserializeUser: deserializeUser, | ||
| deserializeUser, | ||
| disableUser: users.disable, | ||
@@ -37,7 +40,7 @@ enableUser: users.enable, | ||
| hasUsers: users.hasUsers, | ||
| initPassport: function( passport ) { | ||
| basicAuth = passport.authenticate( 'basic', { session: useSession } ); | ||
| bearerAuth = passport.authenticate( 'bearer', { session: useSession } ); | ||
| initPassport( passport ) { | ||
| basicAuth = passport.authenticate( "basic", { session: useSession } ); | ||
| bearerAuth = passport.authenticate( "bearer", { session: useSession } ); | ||
| }, | ||
| serializeUser: serializeUser, | ||
| serializeUser, | ||
| strategies: [ | ||
@@ -47,9 +50,9 @@ new Basic( authenticateCredentials ), | ||
| ], | ||
| updateActions: updateActions, | ||
| verifyCredentials: verifyCredentials | ||
| updateActions, | ||
| verifyCredentials | ||
| }; | ||
| function authenticate( req, res, next ) { | ||
| var authorization = req.headers.authorization; | ||
| if( /Bearer/i.test( authorization ) ) { | ||
| const authorization = req.headers.authorization; | ||
| if ( /Bearer/i.test( authorization ) ) { | ||
| bearerAuth( req, res, next ); | ||
@@ -80,4 +83,4 @@ } else { | ||
| function changePassword( username, password ) { | ||
| var salt = crypt.genSaltSync( 10 ), | ||
| hash = crypt.hashSync( password, salt ); | ||
| const salt = crypt.genSaltSync( 10 ); | ||
| const hash = crypt.hashSync( password, salt ); | ||
| return users.changePassword( username, salt, hash ); | ||
@@ -87,4 +90,4 @@ } | ||
| function createUser( username, password ) { | ||
| var salt = crypt.genSaltSync( 10 ), | ||
| hash = crypt.hashSync( password, salt ); | ||
| const salt = crypt.genSaltSync( 10 ); | ||
| const hash = crypt.hashSync( password, salt ); | ||
| return users.create( username, salt, hash ); | ||
@@ -94,6 +97,6 @@ } | ||
| function checkPermission( user, action ) { | ||
| var actionName = action.roles ? action.name : action, | ||
| actionRoles = _.isEmpty( action.roles ) ? actions.getRoles( actionName ) : action.roles, | ||
| userRoles = _.isEmpty( user.roles ) ? users.getRoles( user ) : user.roles; | ||
| if( user.roles && user.disabled ) { | ||
| const actionName = action.roles ? action.name : action; | ||
| const actionRoles = _.isEmpty( action.roles ) ? actions.getRoles( actionName ) : action.roles; | ||
| let userRoles = _.isEmpty( user.roles ) ? users.getRoles( user ) : user.roles; | ||
| if ( user.roles && user.disabled ) { | ||
| userRoles = []; | ||
@@ -104,3 +107,3 @@ } | ||
| function deserializeUser( user, done ) { done( null, user); } | ||
| function deserializeUser( user, done ) { done( null, user ); } | ||
@@ -110,8 +113,8 @@ function serializeUser( user, done ) { done( null, user ); } | ||
| function updateActions( actionList ) { | ||
| var list = _.flatten( | ||
| _.map( actionList, function( resource, resourceName ) { | ||
| return _.map( resource, function( action ) { | ||
| return actions.create( action, resourceName ); | ||
| } ); | ||
| } ) ); | ||
| const list = _.flatten( | ||
| _.map( actionList, function( resource, resourceName ) { | ||
| return _.map( resource, function( action ) { | ||
| return actions.create( action, resourceName ); | ||
| } ); | ||
| } ) ); | ||
| return when.all( list ); | ||
@@ -121,3 +124,3 @@ } | ||
| function userCan( userRoles, actionRoles ) { | ||
| return actionRoles.length == 0 || _.intersection( actionRoles, userRoles ).length > 0; | ||
| return actionRoles.length === 0 || _.intersection( actionRoles, userRoles ).length > 0; | ||
| } | ||
@@ -129,8 +132,7 @@ | ||
| .then( function( user ) { | ||
| if( user ) { | ||
| var valid = user.hash === crypt.hashSync( password, user.salt ); | ||
| return valid ? _.omit( user, 'hash', 'salt', 'tokens' ) : false; | ||
| } else { | ||
| return false; | ||
| if ( user ) { | ||
| const valid = user.hash === crypt.hashSync( password, user.salt ); | ||
| return valid ? _.omit( user, "hash", "salt", "tokens" ) : false; | ||
| } | ||
| return false; | ||
| } ); | ||
@@ -140,4 +142,4 @@ } | ||
| module.exports = function( config ) { | ||
| useSession = !( config == undefined ? false : config.noSession ); | ||
| useSession = !( config === undefined ? false : config.noSession ); | ||
| return wrapper; | ||
| }; | ||
| }; |
@@ -1,1 +0,3 @@ | ||
| module.exports = require( './src/harness.js' ); | ||
| "use strict"; | ||
| module.exports = require( "./src/harness.js" ); |
| { | ||
| "name": "autohost", | ||
| "version": "1.2.0", | ||
| "version": "2.0.0-dependency-updates.0", | ||
| "description": "Resource driven, transport agnostic host", | ||
@@ -9,7 +9,6 @@ "main": "src/index.js", | ||
| "cookie-parser": "^1.4.0", | ||
| "express": "^4.13.3", | ||
| "express": "~4.17.0", | ||
| "express-session": "^1.12.1", | ||
| "fount": "~0.1.0", | ||
| "lodash": "^3.10.1", | ||
| "metronic": "~0.2.2", | ||
| "fount": "1.0.1", | ||
| "lodash": "^4.17.20", | ||
| "multer": "^1.1.0", | ||
@@ -21,10 +20,9 @@ "node-uuid": "~1.4.3", | ||
| "query-string": "^3.0.0", | ||
| "request": "^2.67.0", | ||
| "socket.io": "~1.4.5", | ||
| "request": "^2.88.2", | ||
| "socket.io": "^2.3.0", | ||
| "websocket": "~1.0.22", | ||
| "when": "~3.7.2", | ||
| "whistlepunk": "^0.3.2" | ||
| "whistlepunk": "^1.0.0" | ||
| }, | ||
| "devDependencies": { | ||
| "biggulp": "^0.3.0", | ||
| "chai": "^3.4.1", | ||
@@ -34,17 +32,27 @@ "chai-as-promised": "^5.1.0", | ||
| "debug": "^2.1.3", | ||
| "gulp": "^3.8.6", | ||
| "hyped": "^0.5.1", | ||
| "open": "0.0.5", | ||
| "eslint": "^4.2.0", | ||
| "eslint-config-leankit": "^4.0.0", | ||
| "mocha": "^8.2.1", | ||
| "nodemon": "^1.11.0", | ||
| "nyc": "^15.1.0", | ||
| "passport-http": "^0.3.0", | ||
| "passport-http-bearer": "^1.0.1", | ||
| "passport-strategy": "^1.0.0", | ||
| "proxyquire": "^1.4.0", | ||
| "proxyquire": "^1.8.0", | ||
| "redis": "^2.4.2", | ||
| "sinon": "^1.14.1", | ||
| "sinon": "^4.2.2", | ||
| "sinon-as-promised": "^4.0.0", | ||
| "sinon-chai": "^2.7.0", | ||
| "socket.io-client": "~1.3.5" | ||
| "sinon-chai": "^2.12.0", | ||
| "socket.io-client": "^2.3.1" | ||
| }, | ||
| "scripts": { | ||
| "test": "gulp test" | ||
| "lint": "eslint --fix ./", | ||
| "test:only": "NODE_ENV=test mocha --exit -R spec 'spec/**/*.spec.js'", | ||
| "test:int": "NODE_ENV=test mocha --exit -R spec 'spec/integration/**/*.spec.js'", | ||
| "test:ci": "NODE_ENV=test mocha --exit -R spec 'spec/behavior/**/*.spec.js'", | ||
| "test:watch": "nodemon --exec \"NODE_ENV=test mocha --exit -R spec 'spec/**/*.spec.js' || true\" -e js,json,sql", | ||
| "test": "npm run cover", | ||
| "cover": "nyc -r text-summary -r html -- npm run test:only", | ||
| "cover:ci": "nyc -r text-summary -r html -- npm run test:ci", | ||
| "cover:show": "open \"file://$PWD/coverage/index.html\"" | ||
| }, | ||
@@ -89,3 +97,14 @@ "repository": { | ||
| }, | ||
| "homepage": "https://github.com/LeanKit-Labs/autohost" | ||
| "homepage": "https://github.com/LeanKit-Labs/autohost", | ||
| "nyc": { | ||
| "exclude": [ | ||
| "config.local.*", | ||
| "coverage", | ||
| "configs", | ||
| "spec" | ||
| ], | ||
| "sourceMap": false, | ||
| "instrument": true, | ||
| "all": true | ||
| } | ||
| } |
@@ -78,7 +78,2 @@ # autohost | ||
| fount: undefined, // pass the app's fount instance to autohost | ||
| metrics: { // configuration for or instance of metronic | ||
| delimiter: '.', | ||
| prefix: undefined, | ||
| units: 'ms', | ||
| } | ||
@@ -504,3 +499,2 @@ parseAhead: false, // parses path parameters before application middleware | ||
| logout: // a method to end the current session | ||
| metricKey: // a key containing the resource-action namespace | ||
| path: // url of the request (minus protocol/domain/port) OR message topic | ||
@@ -670,75 +664,2 @@ session: // session hash | ||
| ## Metrics | ||
| Metrics are collected for routes, resource actions, authentication, authorization and errors. The metrics also include memory utlization as well as system memory and process load. | ||
| The [metronics](https://github.com/LeanKit-Labs/metronics) API is available via `host.metrics`. The `metrics` property will no be initialized until after the init call. | ||
| Metrics are not captured locally by default, but this can be opted into with the `useLocalAdapter` call. | ||
| ```javascript | ||
| // turns on local metrics capture | ||
| host.metrics.useLocalAdapter(); | ||
| // gets a report object | ||
| most.metrics.getReport(); | ||
| ``` | ||
| ### Metrics collected | ||
| Being aware of the metric keys used is important. | ||
| __System Level Metrics__ | ||
| | Key | Name | | ||
| |-----|------| | ||
| | {prefix}.{hostName}.memory-total | SYSTEM_MEMORY_TOTAL | | ||
| | {prefix}.{hostName}.memory-allocated | SYSTEM_MEMORY_USED | | ||
| | {prefix}.{hostName}.memory-free | SYSTEM_MEMORY_FREE | | ||
| __Process Level Metrics__ | ||
| | Key | Name | | ||
| |-----|------| | ||
| | {prefix}.{hostName}.{processTitle}.memory-physical | PROCESS_MEMORY_ALLOCATED | | ||
| | {prefix}.{hostName}.{processTitle}.memory-allocated | PROCESS_MEMORY_AVAILABLE | | ||
| | {prefix}.{hostName}.{processTitle}.memory-used | PROCESS_MEMORY_USED | | ||
| | {prefix}.{hostName}.{processTitle}.core-#-load | PROCESS_CORE_#_LOAD | | ||
| __Authentication & Authorization__ | ||
| | Key | Name | | ||
| |-----|------| | ||
| | {prefix}.{hostName}.{processTitle}.authenticating | HTTP_AUTHENTICATION_DURATION | | ||
| | {prefix}.{hostName}.{processTitle}.authentication-attempted | HTTP_AUTHENTICATION_ATTEMPTS | | ||
| | {prefix}.{hostName}.{processTitle}.authentication-failed | HTTP_AUTHENTICATION_ERRORS | | ||
| | {prefix}.{hostName}.{processTitle}.authentication-granted | HTTP_AUTHENTICATION_GRANTED | | ||
| | {prefix}.{hostName}.{processTitle}.authentication-rejected | HTTP_AUTHENTICATION_REJECTED | | ||
| | {prefix}.{hostName}.{processTitle}.authentication-skipped | HTTP_AUTHENTICATION_SKIPPED | | ||
| | {prefix}.{hostName}.{processTitle}.authorizing | HTTP_AUTHORIZATION_DURATION | | ||
| | {prefix}.{hostName}.{processTitle}.authorization-attempted | HTTP_AUTHORIZATION_ATTEMPTS | | ||
| | {prefix}.{hostName}.{processTitle}.authorization-failed | HTTP_AUTHORIZATION_ERRORS | | ||
| | {prefix}.{hostName}.{processTitle}.authorization-granted | HTTP_AUTHORIZATION_GRANTED | | ||
| | {prefix}.{hostName}.{processTitle}.authorization-rejected | HTTP_AUTHORIZATION_REJECTED | | ||
| __Static Resources & Custom Routes__ | ||
| | Key | Name | | ||
| |-----|------| | ||
| | {prefix}.{hostName}.{processTitle}.{url-verb}.ingress | HTTP_INGRESS | | ||
| | {prefix}.{hostName}.{processTitle}.{url-verb}.egress | HTTP_EGRESS | | ||
| | {prefix}.{hostName}.{processTitle}.{url-verb}.duration | HTTP_ROUTE_DURATION | | ||
| | {prefix}.{hostName}.{processTitle}.{url-verb}.exceptions | HTTP_ROUTE_EXCEPTIONS | | ||
| | {prefix}.{hostName}.{processTitle}.{url-verb}.errors | HTTP_ROUTE_ERRORS | | ||
| | {prefix}.{hostName}.{processTitle}.{url-verb}.requests | HTTP_REQUESTS | | ||
| __Resource Actions__ | ||
| | Key | Name | | ||
| |-----|------| | ||
| | {prefix}.{hostName}.{processTitle}.{resource-action}.{transport}.ingress | HTTP_API_INGRESS | | ||
| | {prefix}.{hostName}.{processTitle}.{resource-action}.{transport}.egress | HTTP_API_EGRESS | | ||
| | {prefix}.{hostName}.{processTitle}.{resource-action}.{transport}.duration | HTTP_API_DURATION | | ||
| | {prefix}.{hostName}.{processTitle}.{resource-action}.{transport}.exceptions | HTTP_API_EXCEPTIONS | | ||
| | {prefix}.{hostName}.{processTitle}.{resource-action}.{transport}.errors | HTTP_API_ERRORS | | ||
| | {prefix}.{hostName}.{processTitle}.{resource-action}.{transport}.requests | HTTP_REQUESTS | | ||
| ## Metadata | ||
@@ -745,0 +666,0 @@ Metadata describing the routes and topic are available via an OPTIONS to api: |
@@ -5,13 +5,4 @@ module.exports = function( host ) { | ||
| resources: "./public", | ||
| actions: { | ||
| "metrics": { | ||
| url: "/metrics", | ||
| method: "get", | ||
| handle: function( /* envelope */ ) { | ||
| var metrics = host.metrics.getReport(); | ||
| return { data: metrics }; | ||
| } | ||
| } | ||
| } | ||
| actions: {} | ||
| }; | ||
| }; |
@@ -172,3 +172,2 @@ var _ = require( 'lodash' ); | ||
| httpAdapter: httpAdapter, | ||
| metrics: require( './metrics' )( config.metrics ), | ||
| middleware: middleware, | ||
@@ -175,0 +174,0 @@ setActionRoles: actionRoles, |
@@ -7,3 +7,3 @@ var path = require( 'path' ); | ||
| var passportFn = require( './passport.js' ); | ||
| var metronic = require( '../metrics' ); | ||
| var format = require( 'util' ).format; | ||
@@ -71,9 +71,5 @@ | ||
| ); | ||
| meta.authAttempted(); | ||
| var timer = state.metrics.authorizationTimer(); | ||
| function onError( err ) { | ||
| log.error( 'Error during check permissions: %s', err.stack ); | ||
| state.metrics.authorizationErrors.record( 1, { name: 'HTTP_AUTHORIZATION_ERRORS' }); | ||
| timer.record( { name: 'HTTP_AUTHORIZATION_DURATION' } ); | ||
| throw err; | ||
@@ -83,5 +79,3 @@ } | ||
| function onPermission( granted ) { | ||
| timer.record( { name: 'HTTP_AUTHORIZATION_DURATION' } ); | ||
| if( granted ) { | ||
| meta.authGranted(); | ||
| log.debug( 'HTTP activation of action %s (%s %s) for %j granted', | ||
@@ -92,3 +86,2 @@ meta.alias, action.method, meta.url, state.config.getUserString( envelope.user ) | ||
| } else { | ||
| meta.authRejected(); | ||
| log.debug( 'User %s was denied HTTP activation of action %s (%s %s)', | ||
@@ -124,3 +117,3 @@ state.config.getUserString( envelope.user ), meta.alias, action.method, meta.url | ||
| var resourceKey = [ [ resource.name, actionName ].join( '-' ), 'http' ]; | ||
| var metricKey = [ state.metrics.prefix ].concat( resourceKey ); | ||
| meta.routes[ actionName ] = { method: action.method, urls: urls }; | ||
@@ -130,21 +123,8 @@ return { | ||
| envelope: undefined, | ||
| authAttempted: function() { | ||
| state.metrics.authorizationAttempts.record( 1, { name: 'HTTP_AUTHORIZATION_ATTEMPTS' } ); | ||
| }, | ||
| authGranted: function() { | ||
| state.metrics.authorizationGrants.record( 1, { name: 'HTTP_AUTHORIZATION_GRANTED' } ); | ||
| }, | ||
| authRejected: function() { | ||
| state.metrics.authorizationRejections.record( 1, { name: 'HTTP_AUTHORIZATION_REJECTED' } ); | ||
| }, | ||
| getEnvelope: function( req, res ) { | ||
| var envelope = new state.Envelope( req, res, metricKey ); | ||
| var envelope = new state.Envelope( req, res ); | ||
| this.envelope = envelope; | ||
| return this.envelope; | ||
| }, | ||
| getTimer: function() { | ||
| return state.metrics.timer( resourceKey.concat( 'duration' ) ); | ||
| }, | ||
| handleErrors: state.config && state.config.handleRouteErrors, | ||
| metricKey: metricKey, | ||
| resourceKey: resourceKey, | ||
@@ -176,3 +156,3 @@ urls: urls | ||
| 'Differentiated handle\'s \'when\' property must be a function or an object instead of \'%s\'. Option will not be included in potential outcomes.' | ||
| ), | ||
| ), | ||
| option.when | ||
@@ -187,3 +167,3 @@ ); | ||
| if( option ) { | ||
| return option.then( envelope ); | ||
| return option.then( envelope ); | ||
| } else { | ||
@@ -218,3 +198,3 @@ return { status: 400, data: 'The request failed to meet any of the supported conditions' }; | ||
| 'Differentiated authorize\'s \'when\' property must be a function or an object instead of \'%s\'. Option will not be included in potential outcomes.' | ||
| ), | ||
| ), | ||
| option.when | ||
@@ -229,3 +209,3 @@ ); | ||
| if( option ) { | ||
| return option.then( envelope ); | ||
| return option.then( envelope ); | ||
| } else { | ||
@@ -359,6 +339,4 @@ return { status: 403, data: { message: 'User lacks sufficient permissions' } }; | ||
| meta.getEnvelope( req, res ); | ||
| req._metricKey = meta.metricKey; | ||
| req._resource = resource.name; | ||
| req._action = actionName; | ||
| req._timer = meta.getTimer(); | ||
| action.handle = getHandler( action.handle ); | ||
@@ -376,3 +354,2 @@ respond( state, meta, url, req, res, resource, action ); | ||
| name: 'http', | ||
| metrics: metronic() | ||
| }; | ||
@@ -379,0 +356,0 @@ _.merge( state, { |
@@ -5,6 +5,5 @@ var request; | ||
| var path = require( 'path' ); | ||
| var metrics = require( '../metrics' )(); | ||
| var log = require( '../log' )( 'autohost.http.envelope' ); | ||
| function HttpEnvelope( req, res, metricKey ) { | ||
| function HttpEnvelope( req, res ) { | ||
| this.transport = 'http'; | ||
@@ -28,4 +27,3 @@ this.context = req.context; | ||
| }; | ||
| this.metricKey = metricKey; | ||
| this.path = this.url = req.url; | ||
@@ -40,4 +38,2 @@ this.method = req.method.toLowerCase(); | ||
| }; | ||
| this.exceptions = metrics.meter( this.metricKey.concat( 'exceptions' ) ); | ||
| this.errors = metrics.meter( this.metricKey.concat( 'errors' ) ); | ||
| this.version = req.context ? ( req.context.version || 1 ) : 1; | ||
@@ -148,7 +144,4 @@ | ||
| if ( strategy.status >= 500 ) { | ||
| this.exceptions.record( 1, { name: 'HTTP_API_EXCEPTIONS' } ); | ||
| var user = _.isObject( this.user ) ? ( this.user.name || this.user.username || this.user.id ) : 'anonymous'; | ||
| log.error( '%s [%s] %s\n%s', process.title, user, this.url || '', error.stack || error.name || '' ); | ||
| } else { | ||
| this.errors.record( 1, { name: 'HTTP_API_ERRORS' } ); | ||
| } | ||
@@ -155,0 +148,0 @@ |
@@ -5,3 +5,2 @@ var _ = require( 'lodash' ); | ||
| var multer = require( 'multer' ); | ||
| var metronic = require( '../metrics' ); | ||
| var os = require( 'os' ); | ||
@@ -101,3 +100,2 @@ var hostName = os.hostname(); | ||
| var urlKey = req.url.slice( 1 ).replace( /[\/]/g, '-' ) + '-' + req.method.toLowerCase(); | ||
| var timer = state.metrics.timer( [ urlKey, 'http', 'duration' ] ); | ||
@@ -108,29 +106,8 @@ res.once( 'finish', function() { | ||
| var read = req.connection.bytesRead; | ||
| var readKB = read / 1024; | ||
| var code = res.statusCode; | ||
| var message = res.statusMessage; | ||
| var sent = req.connection._bytesDispatched; | ||
| var sentKB = sent ? sent / 1024 : 0; | ||
| var url = req.url; | ||
| var elapsed; | ||
| var metricKey = req._metricKey; | ||
| if ( metricKey ) { | ||
| var resourceRequests = state.metrics.meter( 'requests', 'count', metricKey ); | ||
| var resourceIngress = state.metrics.meter( 'ingress', 'bytes', metricKey ); | ||
| var resourceEgress = state.metrics.meter( 'egress', 'bytes', metricKey ); | ||
| resourceRequests.record( 1, { name: 'HTTP_API_REQUESTS' } ); | ||
| resourceIngress.record( read, { name: 'HTTP_API_INGRESS' } ); | ||
| resourceEgress.record( sent, { name: 'HTTP_API_EGRESS' } ); | ||
| elapsed = req._timer.record( { name: 'HTTP_API_DURATION' } ); | ||
| } else { | ||
| var httpRequests = state.metrics.meter( [ urlKey, 'requests' ] ); | ||
| var httpIngress = state.metrics.meter( [ urlKey, 'ingress' ], 'bytes' ); | ||
| var httpEgress = state.metrics.meter( [ urlKey, 'egress' ], 'bytes' ); | ||
| httpRequests.record( 1, { name: 'HTTP_REQUESTS' } ); | ||
| httpIngress.record( read, { name: 'HTTP_INGRESS' } ); | ||
| httpEgress.record( sent, { name: 'HTTP_EGRESS' } ); | ||
| elapsed = timer.record( { name: 'HTTP_REQUEST_DURATION' } ); | ||
| } | ||
| if( state.config.enableAccessLogs ) { | ||
@@ -159,3 +136,2 @@ log.info( '%s@%s %s (%d ms) [%s] %s %s (%d bytes) %s %s (%d bytes)', | ||
| cookieParser: cookies(), | ||
| metrics: metronic(), | ||
| session: undefined, | ||
@@ -162,0 +138,0 @@ sessionLib: sessionLib |
@@ -5,3 +5,2 @@ var _ = require( 'lodash' ); | ||
| var log = require( '../log' )( 'autohost.passport' ); | ||
| var metronic = require( '../metrics' ); | ||
| var noOp = function() { | ||
@@ -18,9 +17,5 @@ return when( true ); | ||
| if ( skipAuth || req.user ) { | ||
| state.metrics.authenticationSkips.record( 1, { name: 'HTTP_AUTHENTICATION_SKIPPED' } ); | ||
| skipAuthentication( req, res, next ); | ||
| } else { | ||
| state.metrics.authenticationAttempts.record( 1, { name: 'HTTP_AUTHENTICATION_ATTEMPTS' } ); | ||
| var timer = state.metrics.authenticationTimer(); | ||
| state.authProvider.authenticate( req, res, next ); | ||
| timer.record( { name: 'HTTP_AUTHENTICATION_DURATION' } ); | ||
| } | ||
@@ -47,5 +42,3 @@ } | ||
| function onError( err ) { | ||
| state.metrics.authorizationErrors.record( 1, { name: 'HTTP_AUTHORIZATION_ERRORS' } ); | ||
| req.user.roles = []; | ||
| timer.record( { name: 'HTTP_AUTHORIZATION_DURATION' } ); | ||
| log.debug( 'Failed to get roles for %s with %s', state.config.getUserString( req.user ), err.stack ); | ||
@@ -69,3 +62,2 @@ // during a socket connection, express is not fully initialized and this call fails ... hard | ||
| req.user.roles = roles; | ||
| timer.record( { name: 'HTTP_AUTHORIZATION_DURATION' } ); | ||
| next(); | ||
@@ -78,3 +70,2 @@ } | ||
| } else { | ||
| var timer = state.metrics.authorizationTimer(); | ||
| state.authProvider.getUserRoles( req.user, req.context ) | ||
@@ -87,4 +78,2 @@ .then( onRoles, onError ); | ||
| function onError( err ) { | ||
| state.metrics.authorizationErrors.record( 1, { name: 'WS_AUTHORIZATION_ERRORS' } ); | ||
| timer.record( { name: 'WS_AUTHORIZATION_DURATION' } ); | ||
| log.debug( 'Failed to get roles for %s with %s', state.config.getUserString( user ), err.stack ); | ||
@@ -96,3 +85,2 @@ return []; | ||
| log.debug( 'Got roles [ %s ] for %s', roles, state.config.getUserString( user ) ); | ||
| timer.record( { name: 'WS_AUTHORIZATION_DURATION' } ); | ||
| return roles; | ||
@@ -104,3 +92,2 @@ } | ||
| } else { | ||
| var timer = state.metrics.authorizationTimer(); | ||
| return state.authProvider.getUserRoles( user, {} ) | ||
@@ -154,3 +141,2 @@ .then( onRoles, onError ); | ||
| authProvider: authProvider, | ||
| metrics: metronic(), | ||
| passportInitialize: passport.initialize(), | ||
@@ -157,0 +143,0 @@ passportSession: passport.session() |
@@ -29,3 +29,3 @@ var _ = require( 'lodash' ); | ||
| } | ||
| var metrics = require( './metrics' )( config.metrics || {} ); | ||
| var middleware = middlewareLib( sessionLib ); | ||
@@ -41,3 +41,2 @@ var http = httpFn( request, middleware ); | ||
| meta: undefined, | ||
| metrics: metrics, | ||
| middleware: middleware, | ||
@@ -44,0 +43,0 @@ request: request, |
| var _ = require( 'lodash' ); | ||
| var metronic = require( '../metrics' ); | ||
| var log = require( '../log' )( 'autohost.websocket.adapter' ); | ||
@@ -44,23 +43,10 @@ | ||
| var alias = buildActionAlias( resource.name, actionName ); | ||
| var errors = state.metrics.meter( [ topic, 'error' ] ); | ||
| var metricKey = [ state.metrics.prefix, [ resource.name, actionName ].join( '-' ), 'ws' ]; | ||
| return { | ||
| alias: alias, | ||
| authAttempted: function() { | ||
| state.metrics.authorizationAttempts.record( 1, { name: 'WS_AUTHORIZATION_ATTEMPTS' } ); | ||
| }, | ||
| authGranted: function() { | ||
| state.metrics.authorizationGrants.record( 1, { name: 'WS_AUTHORIZATION_GRANTS' } ); | ||
| }, | ||
| authRejected: function() { | ||
| state.metrics.authorizationRejections.record( 1, { name: 'WS_AUTHORIZATION_REJECTIONS' } ); | ||
| }, | ||
| topic: topic, | ||
| errors: errors, | ||
| metricKey: metricKey | ||
| }; | ||
| } | ||
| function respond( state, meta, resource, action, client, data, message, resourceTimer ) { | ||
| var envelope = new state.Envelope( meta.topic, message, client, meta.metricKey, resourceTimer ); | ||
| function respond( state, meta, resource, action, client, data, message ) { | ||
| var envelope = new state.Envelope( meta.topic, message, client ); | ||
| var result; | ||
@@ -71,3 +57,2 @@ if ( state.config && state.config.handleRouteErrors ) { | ||
| } catch ( err ) { | ||
| meta.errors.record( 1, { name: 'WS_TOPIC_ERRORS' } ); | ||
| client.publish( data.replyTo || meta.topic, | ||
@@ -97,3 +82,2 @@ 'Server error at topic ' + meta.topic ); | ||
| var data = message.data || message; | ||
| var resourceTimer = state.metrics.timer( [ resource.name + '-' + actionName, 'ws', 'duration' ] ); | ||
| if ( state.authProvider ) { | ||
@@ -103,8 +87,6 @@ checkPermissionFor( state, client.user, {}, meta.alias ) | ||
| if ( pass ) { | ||
| meta.authGranted(); | ||
| log.debug( 'WS activation of action %s for %s granted', | ||
| meta.alias, state.config.getUserString( client.user ) ); | ||
| respond( state, meta, resource, action, client, data, message, resourceTimer ); | ||
| respond( state, meta, resource, action, client, data, message ); | ||
| } else { | ||
| meta.authRejected(); | ||
| log.debug( 'User %s was denied WS activation of action %s', | ||
@@ -117,3 +99,3 @@ state.config.getUserString( client.user ), meta.alias ); | ||
| } else { | ||
| respond( state, meta, resource, action, client, data, message, resourceTimer ); | ||
| respond( state, meta, resource, action, client, data, message ); | ||
| } | ||
@@ -127,3 +109,2 @@ } ); | ||
| config: config, | ||
| metrics: metronic(), | ||
| name: 'http', | ||
@@ -130,0 +111,0 @@ socket: socket |
@@ -13,3 +13,3 @@ var _ = require( 'lodash' ); | ||
| function SocketEnvelope( topic, message, socket, metricKey, timer ) { | ||
| function SocketEnvelope( topic, message, socket ) { | ||
| this.transport = 'websocket'; | ||
@@ -23,3 +23,2 @@ this.context = socket.context; | ||
| }; | ||
| this.metricKey = metricKey; | ||
| this.params = {}; | ||
@@ -29,3 +28,2 @@ this.replyTo = this.data.replyTo || topic; | ||
| this.session = socket.session; | ||
| this.timer = timer; | ||
| this.topic = topic; | ||
@@ -57,3 +55,2 @@ this.user = socket.user; | ||
| SocketEnvelope.prototype.forwardTo = function( /* options */ ) { | ||
| this.recordTime(); | ||
| this.reply( { | ||
@@ -66,8 +63,3 @@ success: false, | ||
| SocketEnvelope.prototype.recordTime = function() { | ||
| this.timer.record( { name: 'WS_ACTION_DURATION' } ); | ||
| }; | ||
| SocketEnvelope.prototype.redirect = function( /* options */ ) { | ||
| this.recordTime(); | ||
| this.reply( { | ||
@@ -141,3 +133,2 @@ success: false, | ||
| this._original.socket.publish( this.replyTo, publish ); | ||
| this.recordTime(); | ||
| }; | ||
@@ -148,5 +139,4 @@ | ||
| fileStream.pipe( this.responseStream ); | ||
| this.recordTime(); | ||
| }; | ||
| module.exports = SocketEnvelope; |
New alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by257.08%
571664
- Dependency count
- decreased by-5.56%
17
- Number of package files
- increased by20%
36
Worsened metrics
- Dev dependency count
- increased by5.88%
18
- Lines of code
- decreased by-4.9%
2502
- Number of low quality alerts
- increased byInfinity%
1
- Number of lines in readme file
- decreased by-9.75%
731
- Number of medium supply chain risk alerts
- increased by50%
3
Dependency changes
+ Addedafter@0.8.2(transitive)
+ Addedarraybuffer.slice@0.0.7(transitive)
+ Addedbase64-arraybuffer@0.1.4(transitive)
+ Addedbase64id@2.0.0(transitive)
+ Addedblob@0.0.5(transitive)
+ Addedbody-parser@1.19.2(transitive)
+ Addedcomponent-emitter@1.2.11.3.1(transitive)
+ Addedcookie@0.4.2(transitive)
+ Addeddebug@2.4.53.1.04.1.1(transitive)
+ Addeddepd@1.1.2(transitive)
+ Addeddestroy@1.0.4(transitive)
+ Addedengine.io@3.6.1(transitive)
+ Addedengine.io-client@3.5.3(transitive)
+ Addedengine.io-parser@2.2.1(transitive)
+ Addedexpress@4.17.3(transitive)
+ Addedfinalhandler@1.1.2(transitive)
+ Addedfount@1.0.1(transitive)
+ Addedhas-binary2@1.0.3(transitive)
+ Addedhttp-errors@1.8.1(transitive)
+ Addedisarray@2.0.1(transitive)
+ Addedlodash@4.17.20(transitive)
+ Addedmachina@4.0.2(transitive)
+ Addedmoment@2.30.1(transitive)
+ Addedms@0.7.2(transitive)
+ Addedon-finished@2.3.0(transitive)
+ Addedparseqs@0.0.6(transitive)
+ Addedparseuri@0.0.6(transitive)
+ Addedqs@6.9.7(transitive)
+ Addedraw-body@2.4.3(transitive)
+ Addedsend@0.17.2(transitive)
+ Addedserve-static@1.14.2(transitive)
+ Addedsocket.io@2.5.0(transitive)
+ Addedsocket.io-adapter@1.1.2(transitive)
+ Addedsocket.io-client@2.5.0(transitive)
+ Addedsocket.io-parser@3.3.33.4.3(transitive)
+ Addedstatuses@1.5.0(transitive)
+ Addedwhistlepunk@1.0.0(transitive)
+ Addedws@7.4.6(transitive)
+ Addedxmlhttprequest-ssl@1.6.3(transitive)
- Removedmetronic@~0.2.2
- Removedaccepts@1.1.4(transitive)
- Removedafter@0.8.1(transitive)
- Removedarraybuffer.slice@0.0.6(transitive)
- Removedbase64-arraybuffer@0.1.2(transitive)
- Removedbase64id@0.1.0(transitive)
- Removedbenchmark@1.0.0(transitive)
- Removedbetter-assert@1.0.2(transitive)
- Removedblob@0.0.4(transitive)
- Removedcallsite@1.0.0(transitive)
- Removedcomponent-emitter@1.1.21.2.0(transitive)
- Removeddebug@0.7.42.2.0(transitive)
- Removedengine.io@1.6.11(transitive)
- Removedengine.io-client@1.6.11(transitive)
- Removedengine.io-parser@1.2.4(transitive)
- Removedevents@2.1.0(transitive)
- Removedexpress@4.19.2(transitive)
- Removedfinalhandler@1.2.0(transitive)
- Removedfount@0.1.0(transitive)
- Removedhas-binary@0.1.60.1.7(transitive)
- Removedjson3@3.2.63.3.2(transitive)
- Removedlodash@2.4.23.10.13.7.0(transitive)
- Removedmachina@1.1.2(transitive)
- Removedmetrics@0.1.21(transitive)
- Removedmetronic@0.2.5(transitive)
- Removedmime-db@1.12.0(transitive)
- Removedmime-types@2.0.14(transitive)
- Removedmoment@2.10.2(transitive)
- Removedmonologue.js@0.3.5(transitive)
- Removedms@0.7.1(transitive)
- Removednegotiator@0.4.9(transitive)
- Removedobject-component@0.0.3(transitive)
- Removedoptions@0.0.6(transitive)
- Removedparsejson@0.0.1(transitive)
- Removedparseqs@0.0.2(transitive)
- Removedparseuri@0.0.4(transitive)
- Removedriveter@0.2.0(transitive)
- Removedsend@0.18.0(transitive)
- Removedserve-static@1.15.0(transitive)
- Removedsocket.io@1.4.8(transitive)
- Removedsocket.io-adapter@0.4.0(transitive)
- Removedsocket.io-client@1.4.8(transitive)
- Removedsocket.io-parser@2.2.22.2.6(transitive)
- Removedultron@1.0.2(transitive)
- Removedutf8@2.1.0(transitive)
- Removedwhistlepunk@0.3.3(transitive)
- Removedws@1.0.11.1.0(transitive)
- Removedxmlhttprequest-ssl@1.5.1(transitive)
Updatedexpress@~4.17.0
Updatedfount@1.0.1
Updatedlodash@^4.17.20
Updatedrequest@^2.88.2
Updatedsocket.io@^2.3.0
Updatedwhistlepunk@^1.0.0